[hipl-users] Re: HIPL on OpenWRT

  • From: Miika Komu <miika.komu@xxxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Tue, 08 Sep 2009 19:51:30 +0300

Thomas Jansen wrote:

Hi,

have you tried manual keying with setkey?

http://www.ipsec-howto.org/x304.html
http://lartc.org/howto/lartc.ipsec.html

Here's a script from BEET testing with "ip" tool:

http://infrahip.hiit.fi/old/run-ipsec.sh

I wonder if Joakim has a later version of the tool?


On Tue, Sep 08, 2009 at 01:44:23PM +0300, Miika Komu wrote:


does even tunnel mode work?


No, that doesn't work either. setkey output is still the same, except for the
mode, which is listed as "tunnel", rather than "3" (with BEET mode).

Tunnel mode:
$ setkey -D
192.168.5.56 192.168.5.1 esp mode=tunnel spi=0(0x00000000) reqid=0(0x00000000) seq=0x00000000 replay=0 flags=0x00000000 state=larval created: Jan 1 04:22:52 1970 current: Jan 1 04:22:57 1970 
        diff: 5(s)      hard: 30(s)     soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=0 pid=1254 refcnt=0

BEET mode:
$ setkey -D
192.168.5.56 192.168.5.1
        esp mode=3 spi=0(0x00000000) reqid=0(0x00000000)
        seq=0x00000000 replay=0 flags=0x00000000 state=larval
        created: Jan  1 04:12:24 1970   current: Jan  1 04:12:32 1970
        diff: 8(s)      hard: 30(s)     soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=0 pid=1228 refcnt=0

Other related posts:

  1. Home
  2. hipl-users
  3. Archive
  4. 09-2009